package com.xy.core.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class CertUtil
{
  public static Log logger = LogFactory.getLog(CertUtil.class);
  private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

  public static File get(String s, int i)
  { try
  {
      char ac[];
      KeyStore keystore;
      X509Certificate ax509certificate[];
      ac = "changeit".toCharArray();
      File file = new File("jssecacerts");
      if(!file.isFile())
      {
          char c = File.separatorChar;
          File file1 = new File((new StringBuilder()).append(System.getProperty("java.home")).append(c).append("lib").append(c).append("security").toString());
          file = new File(file1, "jssecacerts");
          if(!file.isFile())
              file = new File(file1, "cacerts");
      }
      FileInputStream fileinputstream = new FileInputStream(file);
      keystore = KeyStore.getInstance(KeyStore.getDefaultType());
      keystore.load(fileinputstream, ac);
      fileinputstream.close();
      SSLContext sslcontext = SSLContext.getInstance("TLS");
      TrustManagerFactory trustmanagerfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
      trustmanagerfactory.init(keystore);
      X509TrustManager x509trustmanager = (X509TrustManager)trustmanagerfactory.getTrustManagers()[0];
      SavingTrustManager savingtrustmanager = new SavingTrustManager(x509trustmanager);
      sslcontext.init(null, new TrustManager[] {
          savingtrustmanager
      }, null);
      SSLSocketFactory sslsocketfactory = sslcontext.getSocketFactory();
      logger.debug((new StringBuilder()).append("Opening connection to ").append(s).append(":").append(i).append("...").toString());
      SSLSocket sslsocket = (SSLSocket)sslsocketfactory.createSocket(s, i);
      sslsocket.setSoTimeout(10000);
      if(sslsocket != null)
      {
          sslsocket.startHandshake();
          sslsocket.close();
      }
      ax509certificate = savingtrustmanager.chain;
      if(ax509certificate == null)
          return null;
     
          MessageDigest messagedigest = MessageDigest.getInstance("SHA1");
          MessageDigest messagedigest1 = MessageDigest.getInstance("MD5");
          for(int j = 0; j < ax509certificate.length; j++)
          {
              X509Certificate x509certificate = ax509certificate[j];
              messagedigest.update(x509certificate.getEncoded());
              messagedigest1.update(x509certificate.getEncoded());
          }

          int k = 1;
          X509Certificate x509certificate1 = ax509certificate[k];
          String s1 = (new StringBuilder()).append(s).append("-").append(k + 1).toString();
          keystore.setCertificateEntry(s1, x509certificate1);
          File file2 = new File("jssecacerts");
          FileOutputStream fileoutputstream = new FileOutputStream(file2);
          keystore.store(fileoutputstream, ac);
          fileoutputstream.close();
          logger.debug((new StringBuilder()).append("Added certificate to keystore 'jssecacerts' using alias '").append(s1).append("'").toString());
          return file2;
      }
      catch(SSLException sslexception)
      {
          logger.debug((new StringBuilder()).append("\u660E\u6587\u8FDE\u63A5,javax.net.ssl.SSLException:").append(sslexception.getMessage()).toString());
          return null;
      }
      catch(KeyStoreException keystoreexception)
      {
          keystoreexception.printStackTrace();
          return null;
      }
      catch(FileNotFoundException filenotfoundexception)
      {
          filenotfoundexception.printStackTrace();
          return null;
      }
      catch(NoSuchAlgorithmException nosuchalgorithmexception)
      {
          nosuchalgorithmexception.printStackTrace();
          return null;
      }
      catch(CertificateException certificateexception)
      {
          certificateexception.printStackTrace();
          return null;
      }
      catch(IOException ioexception)
      {
          ioexception.printStackTrace();
          return null;
      }
      catch(Exception keymanagementexception)
      {
          keymanagementexception.printStackTrace();
      }
      return null;
  }

  private static String toHexString(byte[] paramArrayOfByte)
  {
    StringBuilder localStringBuilder = new StringBuilder(paramArrayOfByte.length * 3);
    for (int k : paramArrayOfByte)
    {
      k &= 255;
      localStringBuilder.append(HEXDIGITS[(k >> 4)]);
      localStringBuilder.append(HEXDIGITS[(k & 0xF)]);
      localStringBuilder.append(' ');
    }
    return localStringBuilder.toString();
  }

  private static class SavingTrustManager
    implements X509TrustManager
  {
    private final X509TrustManager tm;
    private X509Certificate[] chain;

    SavingTrustManager(X509TrustManager paramX509TrustManager)
    {
      this.tm = paramX509TrustManager;
    }

    public X509Certificate[] getAcceptedIssuers()
    {
      throw new UnsupportedOperationException();
    }

    public void checkClientTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
      throws CertificateException
    {
      throw new UnsupportedOperationException();
    }

    public void checkServerTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString)
      throws CertificateException
    {
      this.chain = paramArrayOfX509Certificate;
      this.tm.checkServerTrusted(paramArrayOfX509Certificate, paramString);
    }
  }
}

 